Microsoft: IE Patch Tuesday vulnerabilities not actually patched
Read more at: Microsoft: One of the Patch Tuesday vulnerabilities not actually patched | ZDNet
Microsoft today issued an update to one of this week's Patch Tuesday bulletins to note that one of the vulnerabilities listed in it as being fixed was not, in fact, fixed.
The bulletin was MS13-080: Cumulative Security Update for Internet Explorer. It originally disclosed 10 vulnerabilities. One of them, CVE-2013-3871, is an "Internet Explorer Memory Corruption Vulnerability." The vulnerability was credited to Simon Zuckerbraun working with HP's Zero Day Initiative.